package com.szl.group.config.interceptor;

import com.fasterxml.jackson.databind.ObjectMapper;
import com.szl.group.entity.AuthenticationDTO;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.StringUtils;
import org.springframework.http.MediaType;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

@Slf4j
public class CustomAuthenticationFilter extends UsernamePasswordAuthenticationFilter {


    @Resource
    private ObjectMapper objectMapper;

    /**
     * 支持json数据格式登录
     *
     * @param request
     * @param response
     * @return
     * @throws AuthenticationException
     */
    @Override
    public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException {


        log.info("------------------------进入自定义登录过滤器-----------------------------------");

        if (!request.getMethod().equalsIgnoreCase("POST")) {
            throw new AuthenticationServiceException(
                    "Authentication method not supported: " + request.getMethod());
        }

        if (request.getContentType().equals(MediaType.APPLICATION_JSON_VALUE)
                || request.getContentType().equals(MediaType.APPLICATION_JSON_UTF8_VALUE)) {
            AuthenticationDTO auth = null;
            try {
                auth = objectMapper.readValue(request.getInputStream(), AuthenticationDTO.class);

            } catch (IOException e) {
                log.error("io异常",e);
            }

            String username = auth.getUsername();
            String password = auth.getPassword();
            String code     = auth.getCode();

            String verify_code = (String) request.getSession().getAttribute("verify_code");


            if (StringUtils.isBlank(username)) {
                throw new BadCredentialsException("用户名为空");
            }
            if (StringUtils.isBlank(password)) {
                throw new BadCredentialsException("密码为空");
            }

            username = username.trim();

            UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(
                    username, password);
            setDetails(request, authRequest);
            return this.getAuthenticationManager().authenticate(authRequest);
        } else {

            System.out.println(request.getParameter("code"));
            return super.attemptAuthentication(request, response);

        }
    }

}
